TUNE also completes a clean SOC 1 Type II Audit, continuing to lead the industry in its commitment to trustworthiness and stability
For the third year in a row, TUNE has completed a successful SOC 2 Type II audit of its system and organization controls relevant to security. TUNE also underwent a SOC 1 Type II audit to evaluate the suitability of its financial reporting system design and operating effectiveness. TUNE is proud to announce that it received a clean bill of health, as zero exceptions were noted in either report.
SOC compliance is a component of the American Institute of CPAs’ (AICPA) Service Organization Control reporting platform, intended to assure the security, availability, processing integrity, confidentiality, and privacy of customer data. SOC 2 audits are both technical and pragmatic, as they require that a company document and follow comprehensive information security policies and procedures. SOC 1 audits test a user entities’ relevant internal controls specifically as they relate to financial reporting, indicating that TUNE clients can expect quality control from TUNE reporting.
In pursuing more stringent and comprehensive Type II certifications (rather than a Type I), TUNE chose to test its policies and procedures over a lengthy time period rather than a single moment in time. The audit period for TUNE’s report extended from August 19, 2019 through November 30, 2019. The reports were issued on January 27, 2020.
TUNE engaged an independent third-party auditor to review security and reporting controls. Starting in 2017, TUNE has voluntarily undergone this invasive and time-consuming audit each year to test the sufficiency of its procedures and execution on a variety of systems.
TUNE pursues these voluntary examinations to both improve its practices and demonstrate its commitment to provide trustworthy and transparent solutions, giving clients, vendors, and employees peace of mind that they can do business with TUNE worry-free. TUNE views the feedback loop generated from periodic third-party reviews — including active dialogue with auditors — as the best means to improve forward-looking operations.
TUNE has also invested in a robust privacy program. TUNE made backend upgrades in advance of the General Data Protection Regulation (GDPR) enforcement launch on May 25, 2018, which enabled us to be prepared for the new California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020. To evidence TUNE’s GDPR compliance, we voluntarily submitted to a legal and technical audit by ePrivacy. While GDPR’s substantive and technical regulatory obligations translated well to CCPA, TUNE recently made modest updates to more explicitly reference CCPA in relevant external documentation.
Relevant portions of both the SOC 2 Type II and SOC 1 Type II reports are available upon request to [email protected] for TUNE clients as well as prospects under a non-disclosure commitment. To learn more about how TUNE approaches data security and privacy, click here.
Becky is the Senior Content Marketing Manager at TUNE. Before TUNE, she led a variety of marketing and communications projects at San Francisco startups. Becky received her bachelor's degree in English from Wake Forest University. After living nearly a decade in San Francisco and Seattle, she has returned to her home of Charleston, SC, where you can find her enjoying the sun and salt water with her family.